UPDATE: Steam has clarified that no accounts have been breached, and states that no Steam usernames or passwords are at risk.Updated story can be found here. The original story follows.
Steamaccount details have reportedly been put up for sale on the deep web, with over 89 million users potentially affected. Valve has made attempts to beef up the gaming marketplace’s security over the years, but players may want to change theirSteampasswords as soon as possible to ensure that their personal information stays under lock and key.
Launched in 2003, Valve’s service has become the most popular video game distribution platform on the web, withSteam recently surpassing 40 million concurrent usersfor the first time in its history. While other services have attempted to dethrone the PC gaming giant over the years, none have managed to do so, with Steam becoming most gamers' go-to for keeping their gaming libraries organized and socializing with friends. Despite this overwhelming success, it hasn’t all been smooth sailing, with Steam’s recent milestone currently being overshadowed by an unfortunate security issue potentially threatening millions of users.
According to aLinkedIn postfrom Underdark, a well-known cyber threat security company, the details of 89 million Steam records are reportedly being sold on the dark web for only $5,000. These details include phone numbers, user records, one-time access codes, SMS message logs, and more. Users are being asked to change their passwords, enable two-factor authentication, and keep an eye out for strange emails or potential phishing activity. Although the data seems to have been leaked via a third-party vendor and not Steam itself, many users are calling onValve to beef up securityto ensure that this doesn’t happen again. The company has not yet provided a statement.
89 Million Steam Account Details Have Reportedly Been Leaked
Unfortunately, data breaches are a common reality in the gaming sphere. Earlier this year, Grinding Gear Games confirmed that the action RPGPath of Exile 2had suffered a data breachafter one developer’s admin account was accessed by a third party. In 2024, Game Freak admitted that massive amounts ofPokemondata had been obtained due to a data breach, including unannounced games, source code for many past releases, and employee information. Sony, Insomniac, and Ubisoft have all been the victims of cyberattacks in recent years as well.
While millions of users continue to flock to the platform each day, Valve has also recently found itself in choppy waters. Following the official Nintendo Switch 2 announcement in January,Steam Deck sales begin to plummet, dropping from #3 on the Steam Charts to #47. It’s estimated that since the handheld console’s launch in 2022, around four million have been sold.
